Differing Views on Privacy Shape Europe’s Response to U.S. Surveillance Program

PARIS — Olaf Storbeck, a German columnist, has decided to “ditch Googlemail b/c Prism,” he wrote on Twitter. A London-based writer for Reuters, he is now a customer of Swissmail, a Swiss provider that charges a fee, and he says he is tinkering with a VPN, a virtual private network of the kind used by many corporations.

It is too early to say what impact the disclosure of widespread Internet spying in the United States government’s Prism program will have on the European public. Not everyone here is as attuned to privacy issues as Mr. Storbeck. But official European reaction, at least, has been loud and angry.

The response in Europe is partly based on a political reaction to what is perceived as American superpower arrogance and the secrecy surrounding Prism and its supposed safeguards. But it is also founded on a different conception of privacy than in the United States, where the prevailing attitude since Sept. 11, 2001, has been that the government is doing what is required to protect citizens from attacks that can come from anywhere, including Europe.

The European response is not uniform, but it is based on tradition, differing philosophies of the law and history, especially in countries that lived under dictatorships, whether fascist or Communist, and where governments remain mistrusted.

J. Trevor Hughes, writing on a blog called Privacy Perspectives, said that “privacy has always been a difficult concept to define.” For Europeans, he wrote, “privacy is a human right, while for Americans, privacy tends to be about liberty.”

Germany is the country most aggressive in protecting individual privacy. Because of the Nazis and then the East German secret police, the Stasi, a united Germany endorsed a Basic Law that has strict limits and parliamentary oversight over the intelligence services.

Even when European allies conduct a trans-European counterterrorism operation, if the target is in Germany or is a German citizen, and German intelligence must be used, a German must be in charge, said Richard J. Aldrich, a professor of international security at Warwick University in Britain. And there are restrictions on how long surveillance images can be retained.

Google was forced by German regulators to allow individuals to obscure their homes in its Street View database, for example, and European complaints have pushed companies like Facebook to improve their data protection.

But the Sept. 11 attacks and other acts of terrorism have had an impact in Germany, too. According to a poll in the newspaper Die Zeit, about 40 percent of Germans think that governments are right to monitor Internet communications for security reasons. And nearly half say they want to keep using services by American companies like Google, Facebook and Skype for communication and do not feel monitored. There was more skepticism among those 18 to 24.

In Britain, where the common law is based on property rights, privacy is “an existential concept,” Mr. Aldrich said, something less than physical property, which may help explain why there are so many surveillance cameras and so few complaints about them. Alice Thomson, a columnist for The Times of London, seemed to speak for many when she said that her worries were less about Internet privacy than about pornography. “I don’t care who is watching me,” she wrote. “It’s what my children are watching that bothers me.”

In France, where the state is centralized and strong, there is relatively little parliamentary or private oversight of the intelligence services.

Official responses to Prism have varied, with a widespread concern that the United States government is not applying even supposedly laxer American privacy protections to information garnered about non-Americans.

Viviane Reding, the European Union’s outspoken justice commissioner, has demanded explanations from Washington and said that Prism “shows why a clear legal framework for the protection of personal data is not a luxury but a necessity.”

Part of the reaction may stem from the successful American effort in January 2012, opposed by Ms. Reding, to get the European Commission to strip from data privacy legislation a measure that would limit the ability of United States intelligence agencies to ask for data on the European Union.

Marietje Schaake, a Dutch member of the European Parliament from the free-market party Democrats 66, said that “for a lot of people on both sides of the Atlantic, this is a wake-up call, leading to serious questions both at the highest level and in the general public.”

The case will complicate negotiations on a free trade agreement, known as the Transatlantic Trade and Investment Partnership, Ms. Schaake said. “I worry about the fallout from Prism,” she said. The European Parliament, “representing 500 million people, must give thumbs up to a deal. And the key question is will there be enough trust, and that trust has certainly had a blow with the revelations of Prism.”

There has been a history of differences between the United States and the European Union on issues of personal and corporate data since the Sept. 11 attacks. There have been squabbles over access to interbank transfer data and payments (a program known as Swift), and over the provision of passenger lists for airplanes flying to the United States from Europe. (France and Britain have similar requirements for planes flying there.)

And there are continuing debates over whether individuals have the right to expunge data they posted in earlier, less circumspect days — what the French call “the right to be forgotten.”

Europe has gone ahead with its Galileo program to provide an alternative to the American GPS system, developed by the military, but that has more to do with security concerns than data protection, Mr. Aldrich said. Given the growing dependence on GPS for ordinary travel, let alone for telephone monitoring and weapons systems, he said, Europeans are as much worried about infiltration and interference with the GPS monopoly by a third country as they are about American use of the data.

Mr. Aldrich said the problem of personal privacy and counterintelligence was so complicated because most people had little understanding “of where their data sits and who owns it.” Most people’s understanding of intelligence is also out of date, he said. It is now less about “spying” than about algorithms turned loose on huge amounts of data from airlines, banks, credit card companies, and telephone and Internet companies.

It is no longer about “people in trenchcoats” or wiretapping, he said. It is about metadata, he said, “what the C.I.A. calls ‘the electronic exhaust fumes of our lives,’” and the algorithms that allow patterns to be found.

“They have a virtual you and me in a bottle, kept in a warehouse in Utah,” he said. “And in 10 years’ time there will even be better stuff.”

It remains to be seen whether Europeans will spontaneously disengage from social networks they believe may be subject to surveillance. Carsten Tauber, a German blogger, decided last December, before the Prism disclosure, that he had had enough of Facebook. It was too commercial, he said, and offered too little protection of his privacy.

But even Mr. Tauber is skeptical about whether huge numbers of Germans will follow his example. “The Prism case won’t have a huge effect,” Mr. Tauber said. “In the final analysis, Germans don’t really care about data protection.” Social networking “is the future,” he said. “I don’t see how we can stop it.”

Steven Erlanger reported from Paris, and Jack Ewing from Frankfurt.

A version of this article appears in print on , on Page A6 of the New York edition with the headline: Differing Views on Privacy Shape Europe’s Response to U.S. Surveillance Program. Order Reprints | Today’s Paper | Subscribe